https://arstechnica.com/information-...f-blockchange/
Two new cryptocurrency heists make off with over $400M worth of blockchange
Coincheck sincerely apologizes for the inconvenience.
SEAN GALLAGHER - 1/26/2018, 3:55 PM
The Japanese cryptocurrency exchange Coincheck has shut down trading and withdrawals from accounts after a reported theft of more than 500 million XEM—the blockchain-based cryptocurrency created by the NEM Foundation. At the time of the theft, 500 million XEM was worth approximately $400 million US. Police were reportedly at Coincheck’s offices.
Coincheck announced the shutdown of NEM deposits at about noon Japan Standard Time Friday (10:00pm Eastern Time on Thursday). In a follow-up announcement four hours later, a company spokesperson expanded the shutdown to all currencies, and by 6pm JST all payment processing had been suspended. “We sincerely apologize for these inconveniences and will continue to do our best to be back to normal operations as soon as possible,” the spokesperson wrote. At about the same time, police were seen at Coincheck’s offices.
Ars attempted to reach representatives of Coincheck and the NEM Foundation without success. Lon Wong, the president of the NEM Foundation, was quoted by Sead Fadilpašić and Stuart Garlick of Cryptonews.com as saying, “This is the biggest theft in the history of the world.” Wong told Cryptonews that NEM’s technology was not responsible and that Coincheck did not implement NEM’s multi-signature smart contract, “and that's why they could have been hacked. They were very relaxed with their security measures.” It is not clear if there was actually a “hack” at this point.
Issues with smart contracts have resulted in other recent cryptocurrency woes. In November 2017, a bug in multi-party contracts in Ethereum wallets developed by Parity Technologies Ltd. led to the "freezing" of $280 million worth of the cryptocurrency when someone inserted code into a wallet that essentially linked the wallet to all Ethereum multi-party contracts—and then deleted it, cancelling every contract. The bug has not yet been resolved as Parity examines multiple options for a fix.
This latest theft comes a week after it was revealed that the relatively small sum of $4 million worth of IOTA cryptocurrency had been stolen from investors’ wallets. That incident is thanks to what IOTA founder David Sønstebø characterized in an interview with Rachel McIntosh of the cryptocurrency news site Finance Magnates as a “phishing website” masquerading as a legitimate tool for creating the cryptographic seed for IOTA wallets:
What actually happened was a lot of unfortunate users were generating their unique seed (which is what you derive your password from) from a false website, a phishing website. It was meticulously crafted in such a way that it ended up being at the top of a Google search for IOTA seed generator, it was the first thing listed in the ads…So, this malicious actor essentially had people go there, and he/she created a website that looked very legitimate to new users. Therefore, they trusted it, and generated a seed there. That essentially means that they gave away their private key to a thief. It’s equivalent to giving your keys to someone as you go into a store, and then coming back out to find that your car is gone.
IOTA wallet seeds are a string of 81 (preferably randomly generated) characters. However, the tool at iotaseed.io apparently also stored data about each seed generated along with information about the wallet it was associated with, allowing whoever was running the site (or whoever hijacked it) to simply wait until wallets were filled and then cash them out. The offending site is currently down—replaced with a message: “Taken down. Apologies.”
https://arstechnica.com/information-...f-blockchange/
[Reply]
Originally Posted by Jewish Rabbi:
Absolutely. This tether fiasco getting resolved one way or another is the best thing that could possibly happen to crypto.
If Tether doesn't even have ALL cash reserves, then it's bad. All it takes is negative press to hurt speculation. And if they are legit broke then it could be super bad bad. Not 80% of the value bad, I don't buy that. But certainly a huge huge dip that could last for a while. It could really hurt the momentum and give people a bad taste in their mouth. The Mt Gox thing happened on a smaller scale and while Bitcoin & crypto wasn't well known to almost anyone and it still crashed like a mofugger.
If Tether proves dollar for dollar cash reserves, we could see a boom. At least that is my best guess.
In hindsight, I wish I would have sold most of mine at 20k BTC and waited until the the dip to re-invest.
[Reply]